From owner-freebsd-security Fri Aug 2 2:45:56 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 89A2137B400 for ; Fri, 2 Aug 2002 02:45:53 -0700 (PDT) Received: from net2.dinoex.sub.org (net2.dinoex.de [212.184.201.182]) by mx1.FreeBSD.org (Postfix) with ESMTP id C9FCA43E5E for ; Fri, 2 Aug 2002 02:45:51 -0700 (PDT) (envelope-from dirk.meyer@dinoex.sub.org) Received: from net2.dinoex.sub.org (dinoex@net2.dinoex.sub.org [127.0.0.1]) by net2.dinoex.sub.org (8.12.5/8.12.5) with ESMTP id g729jM5H006826 for ; Fri, 2 Aug 2002 11:45:23 +0200 (CEST) (envelope-from dirk.meyer@dinoex.sub.org) X-MDaemon-Deliver-To: Received: from gate.dinoex.sub.org (dinoex@localhost) by net2.dinoex.sub.org (8.12.5/8.12.5/Submit) with BSMTP id g729jLhd006814 for ; Fri, 2 Aug 2002 11:45:21 +0200 (CEST) (envelope-from dirk.meyer@dinoex.sub.org) To: freebsd-security@FreeBSD.ORG Message-ID: <5VuZasl8L8@dmeyer.dinoex.sub.org> From: dirk.meyer@dinoex.sub.org (Dirk Meyer) Organization: privat Subject: Re: About the openssl hole Date: Fri, 02 Aug 2002 11:39:47 +0200 X-Mailer: Dinoex 1.79 References: <3D47402F.83B37CBA@pantherdragon.org> X-Gateway: ZCONNECT gate.dinoex.sub.org [UNIX/Connect 0.94] X-PGP-Fingerprint: 44 16 EC 0A D3 3A 4F 28 8A 8A 47 93 F1 CF 2F 12 X-Copyright: (C) Copyright 2001 by Dirk Meyer -- All rights reserved. X-PGP-Key-Avail: mailto:pgp-public-keys@keys.de.pgp.net Subject:GET 0x331CDA5D X-ZC-VIA: 20020802000000S+2@dinoex.sub.org X-Accept-Language: de,en X-Noad: Please don't send me ad's by mail. I'm bored by this type of mail. X-Note: sending SPAM is a violation of both german and US law and will at least trigger a complaint at your provider's postmaster. X-No-Archive: yes Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org patpro wrote: > If I just : > - update openSSL port > - recompile every port that use openSSL (openSSH, Apache+mod_ssl, ....) > will I be safe from remote attack ? openSSH Apache+mod_ssl .... works fine. Ervery port that inlcudes Makefile.ssl will use the port version. You can check it with ldd: libcrypto.3 or libssl.3 are used. Some ports will still link with the base versions, there are open PR's about it ... kind regards Dirk - Dirk Meyer, Im Grund 4, 34317 Habichtswald, Germany - [dirk.meyer@dinoex.sub.org],[dirk.meyer@guug.de],[dinoex@FreeBSD.org] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message